From 8cb015953ea00284982349a9181dea226d445be6 Mon Sep 17 00:00:00 2001 From: Danil Silantyev Date: Mon, 13 Jul 2026 21:29:38 +0700 Subject: [PATCH] chore: adopt shared CI 0.10.0 --- .github/workflows/README.md | 4 ++-- .github/workflows/actionlint.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/secret-scan.yml | 2 +- .github/workflows/zizmor.yml | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/README.md b/.github/workflows/README.md index 1f257e5..83916a1 100644 --- a/.github/workflows/README.md +++ b/.github/workflows/README.md @@ -7,8 +7,8 @@ against a pinned submodule revision. Reusable workflows are sourced from [`NDDev-it-com/nddev-ci-workflows`](https://github.com/NDDev-it-com/nddev-ci-workflows) -release `0.8.1`, pinned to commit -`8b8e3ea6321c912b68eec831c2072a0173203433`. +release `0.10.0`, pinned to commit +`eb7bd953dc9741e559cb9e357c2d36c9b4de5a88`. ## Workflows diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml index e307a87..418507e 100644 --- a/.github/workflows/actionlint.yml +++ b/.github/workflows/actionlint.yml @@ -19,4 +19,4 @@ jobs: name: actionlint permissions: contents: read - uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/actionlint.yml@8b8e3ea6321c912b68eec831c2072a0173203433 # 0.8.1 + uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/actionlint.yml@eb7bd953dc9741e559cb9e357c2d36c9b4de5a88 # 0.10.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 3a37908..83ac794 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -21,7 +21,7 @@ jobs: contents: read security-events: write # Publish CodeQL analysis to code scanning. actions: read # Read workflow metadata for the actions language. - uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/public-codeql.yml@8b8e3ea6321c912b68eec831c2072a0173203433 # 0.8.1 + uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/public-codeql.yml@eb7bd953dc9741e559cb9e357c2d36c9b4de5a88 # 0.10.0 with: languages: '["actions"]' queries: security-and-quality diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 6b59fb5..153f895 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -16,4 +16,4 @@ jobs: permissions: contents: read pull-requests: write # Comment when dependency policy rejects a change. - uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/public-dependency-review.yml@8b8e3ea6321c912b68eec831c2072a0173203433 # 0.8.1 + uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/public-dependency-review.yml@eb7bd953dc9741e559cb9e357c2d36c9b4de5a88 # 0.10.0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 331bf27..1b62a52 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -240,7 +240,7 @@ jobs: id-token: write # Exchange workflow identity for attestations. attestations: write # Publish provenance and SBOM attestations. artifact-metadata: write # Record the actions/attest artifact storage entry (required at v4.1.1). - uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/release-supply-chain.yml@8b8e3ea6321c912b68eec831c2072a0173203433 # 0.8.1 + uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/release-supply-chain.yml@eb7bd953dc9741e559cb9e357c2d36c9b4de5a88 # 0.10.0 with: version: ${{ github.ref_name }} package_name: nddev-zcode-app diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index e606dbe..55aec29 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -19,4 +19,4 @@ jobs: contents: read actions: read # Inspect workflow metadata for Scorecard checks. id-token: write # Obtain OIDC identity for the Scorecard artifact. - uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/public-scorecard-json.yml@8b8e3ea6321c912b68eec831c2072a0173203433 # 0.8.1 + uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/public-scorecard-json.yml@eb7bd953dc9741e559cb9e357c2d36c9b4de5a88 # 0.10.0 diff --git a/.github/workflows/secret-scan.yml b/.github/workflows/secret-scan.yml index 7dcb4d0..7d4d025 100644 --- a/.github/workflows/secret-scan.yml +++ b/.github/workflows/secret-scan.yml @@ -16,4 +16,4 @@ concurrency: jobs: secret-scan: name: Secret scan - uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/secret-scan.yml@8b8e3ea6321c912b68eec831c2072a0173203433 # 0.8.1 + uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/secret-scan.yml@eb7bd953dc9741e559cb9e357c2d36c9b4de5a88 # 0.10.0 diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 110cd24..09a5b1e 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -21,7 +21,7 @@ jobs: permissions: contents: read security-events: write # Publish workflow-analysis results to code scanning. - uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/zizmor-sarif.yml@8b8e3ea6321c912b68eec831c2072a0173203433 # 0.8.1 + uses: NDDev-it-com/nddev-ci-workflows/.github/workflows/zizmor-sarif.yml@eb7bd953dc9741e559cb9e357c2d36c9b4de5a88 # 0.10.0 with: persona: pedantic min_severity: low